Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
BID:106295
CVE-2018-3986 |Info
Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
| Bugtraq ID: | 106295 |
| Class: | Design Error |
| CVE: |
CVE-2018-3986 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 21 2018 12:00AM |
| Updated: | Dec 21 2018 12:00AM |
| Credit: | Vitor Ventura from Cisco Talos. |
| Vulnerable: |
Telegram Telegram for Android 4.9 |
| Not Vulnerable: | |
Discussion
Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
Telegramis prone to a local information-disclosure vulnerability .
Successfully exploiting this issue can allow an attacker to obtain sensitive information that may aid in launching further attacks.
Telegram version 4.9.0 is vulnerable; other versions may also be affected.
Telegramis prone to a local information-disclosure vulnerability .
Successfully exploiting this issue can allow an attacker to obtain sensitive information that may aid in launching further attacks.
Telegram version 4.9.0 is vulnerable; other versions may also be affected.
Exploit / POC
Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
Telegram 'Secret Chats' Functionality Local Information Disclosure Vulnerability
References:
References:
- Telegram Android Application (Google Play)
- Telegram Android Secret Chats Information Disclosure Vulnerability (Talos)
- Telegram Homepage (Telegram)